Abstract
Accountability provides the necessary assurance to different stakeholders (customers, auditors, regulators) about the correct execution of the obligations concerning compliance requirements. Modeling accountability in a business process is an important problem, as SOA is the generally accepted standard for IT systems. This requires the orchestration of several non-functional concerns across services (such as authentication, authorization, logging, among others) to attest the correct operation of control activities. In this paper, we show how a model-driven framework for non-functional concerns can integrate accountability in business processes. Using the NFComp modeling framework, we define and compose a set of non-functional concerns that securely assert that subjects have fulfilled their responsibilities, towards realizing accountability. The approach allows the reuse of the composed accountability concerns in different processes.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Chollet, S., Lalanda, P.: Security specification at process level. In: IEEE International Conference on Services Computing, SCC 2008, vol. 1, pp. 165–172 (July 2008)
Gunestas, M., Wijesekera, D., Elkhodary, A.: An evidence generation model for web services. In: IEEE International Conference on System of Systems Engineering, SoSE 2009, May 30-June 3, pp. 1–6 (2009)
Gunestas, M., Wijesekera, D., Singhal, A.: Forensic web services. In: Ray, I., Shenoi, S. (eds.) Advances in Digital Forensics IV. IFIP International Federation for Information Processing, vol. 285, pp. 163–176. Springer, Boston (2008)
Kremer, S., Markowitch, O., Zhou, J.: An intensive survey of fair non-repudiation protocols. Computer Communications 25(17), 1606–1621 (2002)
Lin, K.J., Panahi, M., Zhang, Y., Zhang, J., Chang, S.H.: Building accountability middleware to support dependable soa. IEEE Internet Computing 13, 16–25 (2009)
Wang, L., Li, Y., Wijesekera, D., Jajodia, S.: Precisely answering multi-dimensional range queries without privacy breaches. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 100–115. Springer, Heidelberg (2003)
OMG: Business Process Model and Notation (BPMN) 2.0 (January 2011)
Pearson, S., Charlesworth, A.: Accountability as a way forward for privacy protection in the cloud. In: Jaatun, M.G., Zhao, G., Rong, C. (eds.) CloudCom 2009. LNCS, vol. 5931, pp. 131–144. Springer, Heidelberg (2009)
Robinson, P., Cook, N., Shrivastava, S.: Implementing fair non-repudiable interactions with web services. In: EDOC Enterprise Computing Conference, 2005 Ninth IEEE International, pp. 195–206 (September 2005)
Schmeling, B., Charfi, A., Martin, M., Mezini, M.: Towards Conflict-Free Composition of Non-functional Concerns. In: Ralyté, J., Franch, X., Brinkkemper, S., Wrycza, S. (eds.) CAiSE 2012. LNCS, vol. 7328, pp. 80–94. Springer, Heidelberg (2012)
Schmeling, B., Charfi, A., Mezini, M.: Composing Non-Functional Concerns in Composite Web Services. In: IEEE International Conference on Web Services (ICWS 2011). IEEE Computer Society, Washington DC (2011)
Schmeling, B., Charfi, A., Thome, R., Mezini, M.: Composing Non-Functional Concerns in Web Services. In: The 9th European Conference on Web Services (ECOWS 2011). IEEE Computer Society, Lugano (2011)
Souza, A.R.R., et al.: Incorporating security requirements into service composition: From modelling to execution. In: Baresi, L., Chi, C.-H., Suzuki, J. (eds.) ICSOC-ServiceWave 2009. LNCS, vol. 5900, pp. 373–388. Springer, Heidelberg (2009)
Tseng, M.M., Su, C.J., Qinhai, M.: Accountability centered approach to business process reengineering. In: HICSS, vol. (4), pp. 345–354 (1998)
Weitzner, D.J., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information accountability. Commun. ACM 51, 82–87 (2008)
Yao, J., Chen, S., Wang, C., Levy, D., Zic, J.: Accountability as a service for the cloud. In: IEEE International Conference on Services Computing (SCC) 2010, pp. 81–88 (July 2010)
Zou, J., De Vaney, C., Wang, Y.: A meta-modeling framework to support accountability in business process modeling. In: Yang, J., Ginige, A., Mayr, H.C., Kutsche, R.-D. (eds.) UNISCON 2009. LNBIP, vol. 20, pp. 539–550. Springer, Heidelberg (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
de Oliveira, A.S., Charfi, A., Schmeling, B., Serme, G. (2014). A Model-Driven Approach for Accountability in Business Processes. In: Bider, I., et al. Enterprise, Business-Process and Information Systems Modeling. BPMDS EMMSAD 2014 2014. Lecture Notes in Business Information Processing, vol 175. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-43745-2_13
Download citation
DOI: https://doi.org/10.1007/978-3-662-43745-2_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-43744-5
Online ISBN: 978-3-662-43745-2
eBook Packages: Computer ScienceComputer Science (R0)